Security Overview · junkurihara/httpsig-rs · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

Report a vulnerability

Improper Digest Verification in httpsig-hyper May Allow Message Integrity Bypass
GHSA-7v42-g35v-xrch published Feb 14, 2026 by junkurihara

High
HMAC verification is vulnerable to timing attack
GHSA-q7pg-9pr4-mrp2 published Sep 12, 2025 by junkurihara

Moderate

Learn more about advisories related to junkurihara/httpsig-rs in the GitHub Advisory Database